Bottom Line

Overview

Yandex.Money is the largest online payment service provider in Russia, according to a 2016 study by TNS. The service is a joint venture between Yandex, an online search engine, and Sberbank, the largest bank in Russia. Yandex.Money provides e-wallet services to over 25 million accounts and is growing at a rate of 15,000 new accounts a day. Yandex.Money also offers Yandex.Checkout, an integrated payment solution for global merchants. With this payment solution, merchants can start accepting payment methods that are most popular among residents of Russia.

These include bank cards, e-wallets, cell phone balances for the top Russian providers, and cash via mobile retailers and payment kiosks (over 250,000 cash-acceptance points all over Russia). Currently, over 76,000 online stores use Yandex. Checkout.

Yandex.Money chose ThreatMetrix because of its robust and holistic approach to authenticating digital identities online. This helped Yandex.Money more accurately differentiate high-risk transactions from trusted ones. It was imperative that Yandex.Money could offer better customer experience relative to its competitors, promoting loyalty and lifetime value while detecting potential fraud in real time.

Reduce friction in the payments process. ThreatMetrix data feeds into the big data collected by Yandex.Money so that higher risk transactions can be processed using 3DS while trusted transactions are approved without step-up authentication.

Prevent fraudsters signing up for new accounts using stolen or synthetic identities.

Business Problem

The FinTech industry is being actively targeted by fraudsters looking to capitalize on emerging payment platforms and services which are often used by the unbanked and underbanked.

Following relentless and high-profile data breaches, stolen identities are easily available on the dark web for mere dollars and can be a straightforward route to account takeover and payment fraud. Yandex.Money is the most highly sought after service among P2P and B2B clients, according to TNS and Marks studies. As a result, the service was a key target for fraudsters who wanted to take advantage of Yandex. Money’s strong market position. Yandex.Money needed a way to balance a streamlined, frictionless user experience with effective fraud control. It was imperative that any fraud solution did not create barriers to doing business but was still able to accurately detect and stop high-risk transactions.

“ThreatMetrix provides us with key data that we use to maintain the security of our services. It gives us surety that we are transacting with a legitimate user.”

Relying on static identity data to authenticate a transaction does not protect financial institutions from cybercriminals using stolen credentials, leveraging remote access Trojans (RATs) or harvesting legitimate credentials from phishing scams. The ThreatMetrix solution passively authenticates transactions in real time using dynamic intelligence from the ThreatMetrix Digital Identity Network.

The Power of Global Shared Intelligence

The ThreatMetrix solution is powered by the Digital Identity Network, which harnesses global shared intelligence from millions of daily consumer interactions including logins, payments and new account applications. Using this information, ThreatMetrix builds unique digital identities by analyzing the almost infinite connections between devices, locations and anonymized personal information. Behavior that deviates from these trusted digital identities can be accurately identified in real time, alerting Yandex.Money to potential fraud. This dynamic data fed into Yandex.Money’s fraud engine so that suspicious behavior was detected before the transaction was processed.

“Our payment platform is now even more reliable, supported by ThreatMetrix intelligence that feeds into our fraud model.”

Long-Term Success

Yandex.Money’s advanced fraud engine is able to reduce the requirement for one-time passwords (including 3DS) and also feeds into a robust machine-learning model. This is supported by the following key ThreatMetrix capabilities:

ThreatMetrix deep connection analysis technologies provide a clearer view of anomalous or suspicious events. Fraudsters often attempt to hide behind location and identity cloaking services such as hidden proxies, VPNs and the TOR browser. ThreatMetrix accurately detects the use of these technologies and, in the case of proxies and VPNs, shows the true IP address, geolocation and other attributes of each event.

ThreatMetrix Smart ID helps recognize a returning device even when cookies are deleted/disabled. Derived from the analysis of many browser, plug-in, and TCP/IP connection attributes, Smart ID generates a confidence score that helps identify when fraudsters are using the same device to apply for multiple fraudulent accounts or use mules to complete applications.

Future Considerations

Yandex.Money is considering extending the ThreatMetrix solution to leverage:

ThreatMetrix Trust Tags: These enable differentiation between fraudsters and legitimate users. Trust can be associated dynamically with any combination of online attributes such as devices, email addresses, card numbers etc.